wbrawner/twigs
1
0
Fork 0
Code Issues Pull requests 2 Projects Releases Packages 1 Wiki Activity Actions

Fix CORS settings

Browse source
This commit is contained in:
William Brawner 2020-02-18 19:51:35 -07:00
parent 882108c006
commit 3ed5d700bd
1 changed files with 5 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
src/main/kotlin/com/wbrawner/budgetserver/config/SecurityConfig.kt
View file

@ -6,6 +6,7 @@ import org.springframework.context.annotation.Bean
import org.springframework.context.annotation.Configuration import org.springframework.context.annotation.Configuration
import org.springframework.core.env.Environment import org.springframework.core.env.Environment
import org.springframework.core.env.get import org.springframework.core.env.get
import org.springframework.http.HttpMethod
import org.springframework.security.authentication.dao.DaoAuthenticationProvider import org.springframework.security.authentication.dao.DaoAuthenticationProvider
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder
import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity
@ -68,7 +69,10 @@ open class SecurityConfig(
.configurationSource { .configurationSource {
with(CorsConfiguration()) { with(CorsConfiguration()) {
applyPermitDefaultValues() applyPermitDefaultValues()
allowedOrigins = environment.get("twigs.cors.domains")?.split(",") allowedOrigins = environment["twigs.cors.domains"]?.split(",") ?: listOf("*")
allowedMethods = listOf(HttpMethod.GET, HttpMethod.POST, HttpMethod.PUT, HttpMethod.DELETE)
.map { it.name }
allowCredentials = true
this this
} }
} }